VPN or Zero Trust? Network security for hybrid working environments

In the past, corporate networks developed around the respective locations – offices, factory floors and data centers. Client-server applications were mainly used, with applications mostly hosted in private or public data centers such as Equinix. Remote workers were a rarity and were tunneled into the corporate network via VPN. Such VPN solutions were not particularly popular with either users or administrators, but were accepted as a necessary evil. This created a situation in which everything within the network was secure and everything outside the network was insecure.

The transformation of IT

In recent years, there has been a major change in IT. Thanks to the use of Software-as-a-Service, fewer and fewer applications were operated in the company’s own or rented data center. Most SaaS solutions are provided via the Internet and operated in the browser. As a result, security requirements have changed fundamentally. There is no longer a clear boundary between secure and insecure. Applications and data are now outside the network boundaries of the organization, so it became less important to defend the boundaries and more important to protect the applications, the data and the users – no matter where they were.

Another change has taken place since the start of the pandemic months. As many have been forced to work from home, and many continue to do so, we are essentially using the internet as our new corporate network. As a result, tried and tested WANs such as MPLS are being used less and less for Site Connectivity. If all applications are provided via the Internet, the question arises as to whether a classic WAN is still needed at all?

VPN: obstacle or added value?

Despite all further developments, some basic truths still apply. A network is needed to connect all applications, users and devices. However, expectations of this network have changed. Users expect fast, user-friendly applications that work the same way on any device, anywhere. They see VPNs as an obstacle to their usual user experience.
At the same time, the internet has not become more secure. With the easy availability of attack tools and botnets, as well as the proliferation of ransomware in corporate IT environments, threats continue to increase. Network security is therefore no longer just a problem at the network edge – it is a problem for all areas.

Zero Trust as a solution

The future of IT security is called Zero Trust. But isolated Zero Trust solutions, with their virtual security appliances, still create choke points in a WAN, which has a negative impact on the user experience.
must therefore aim to find a unified SD-WAN and Security-as-a-Service solution. Such solutions can eliminate bottlenecks in the network and provide seamless, scalable zero-trust security-as-a-service. With such a solution, every user has access to the services they need. Regardless of whether they are working from home or in the office.